Apple
-
Apple says devices targeted by mercenary spyware in new wave of attacks, CERT-FR reports
France’s CERT-FR says Apple devices were targeted in a new wave of mercenary spyware attacks, issuing four threat notifications this year and noting that some campaigns exploit zero-day flaws while others require no user interaction.
-
Apple patches zero-day CVE-2025-43300 after highly targeted attack, urges immediate updates
Apple has issued security updates for CVE-2025-43300, a zero-day flaw in Apple’s Image I/O framework that was exploited in a highly targeted attack; users are urged to install the latest iOS, iPadOS and macOS updates.
-
UK Drops Apple Backdoor Mandate as U.S. Vows to Protect Americans’ Civil Liberties over Encryption
The U.K. reportedly abandoned a government plan to compel Apple to weaken encryption and enable a backdoor, signaling a shift in how authorities approach access to encrypted data while U.S. officials emphasize protecting civil liberties for Americans.
-
Research Uncovers Privacy Concerns in Apple’s Siri Data Handling
New research reveals that Apple’s Siri may send sensitive user data to company servers beyond its stated privacy policies, raising concerns about the integrity of user privacy and end-to-end encryption.
-
Apple Addresses Critical Safari Vulnerability with Software Update
Apple has released crucial updates to counteract a significant Safari vulnerability, classified as CVE-2025-6558, that may allow for exploits through crafted HTML content. The patch aims to protect users across multiple devices and systems.
-
Vulnerability in macOS Spotlight Exposes User Data
A vulnerability in macOS, known as CVE-2025-31199, has been revealed, allowing attackers to exploit Spotlight plugins to access protected user data, including sensitive files cached by Apple Intelligence. Apple has issued a patch to address the flaw.
-
Apple Advances Passkey Interoperability with New Import/Export Feature
Apple has unveiled a new import and export feature for passkeys, aiming to enhance security and usability in credential management. The new process eliminates insecure file transfers and improves the interoperability of passkeys across applications.
-
Apple Prevents Over $9 Billion in Fraudulent Transactions in Last Five Years
Apple Inc. has revealed that it prevented more than $9 billion in fraudulent transactions in the last five years, particularly noting over $2 billion in the year 2024 alone, through stringent App Store policies aimed at protecting users from deceptive apps and other malicious activities.
-
Major Vulnerabilities Discovered in Apple’s AirPlay: Millions At Risk
A new report reveals critical vulnerabilities in Apple’s AirPlay that threaten billions of devices. Cybersecurity firm Oligo has identified numerous weaknesses that could enable unauthorized control, data theft, and communication interception, calling for immediate action from users and manufacturers.
-
Tech Giants Lead Push for Shorter Digital Certificate Lifespans
Tech giants Apple and Google are leading a significant initiative to reduce the maximum lifespans of digital certificates, aiming to strengthen cybersecurity and mitigate risks associated with long-term certificates. The proposal suggests a maximum validity of 90 days from Google and 47 days from Apple, potentially revolutionizing internet safety standards.
